
Find real vulnerabilities before they ship
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
Base Score
7.1| Base Score | 7.1 |
|---|---|
| Vector String | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
| Base Severity | High |
| Version | 3.0 |
| Attack Vector (AV) | LOCAL |